ben/diyhosting
ben
/
diyhosting
1
0
Fork 1
Code Issues 1 Pull Requests Projects Releases Wiki Activity
diyhosting/tor.html

106 lines
4.3 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE html>
<html lang=en>
<head>
<title>Mirror your site over Tor</title>
<!--# include file=".nav.html" -->
</head>
<body>
<header><h1>Mirror Your Site Over Tor</h1></header>
<nav></nav>
<main>
<img class=titleimg src="pix/tor.svg" alt="Tor logo">
<p>
Now that you have a website, why not offer it on a private alternative such as the onion network?
</p>
<h2>Setting up Tor</h2>
<h3>Installing Tor</h3>
<p>Firstly we need to add the Tor repos to our system to get the latest version of Tor:</p>
<pre><code>apt install -y apt-transport-https gpg
echo "deb https://deb.torproject.org/torproject.org buster main
deb-src https://deb.torproject.org/torproject.org buster main" > /etc/apt/sources.list.d/tor.list</code></pre>
<p>Then we need to add the gpg keys to our keyring:</p>
<pre><code>curl -s https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --import
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -</code></pre>
<p>Now update and install Tor:</p>
<pre><code>apt update
apt install tor deb.torproject.org-keyring</code></pre>
<h3>Enabling Tor</h3>
<p>Next edit the file <code>/etc/tor/torrc</code>, uncommenting the following lines:</p>
<pre><code>HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:80</code></pre>
<aside>
<h4>Optional: Running multiple onion services</h4>
<p>If you want to forward multiple virtual ports for a single onion
service, just add more HiddenServicePort lines (replace the 80 with any unoccupied port).
</p>
<p>If you want to run multiple onion services from the same Tor client, just add another
HiddenServiceDir line.</p>
</aside>
<p>Now start and enable Tor at boot:</p>
<pre><code> systemctl enable --now tor </code></pre>
<p>If the next command outputs <q>active</q> in green you're golden!</p>
<pre><code> systemctl status tor</code></pre>
<p>Now your server is on the dark web. The following command will give you your onion address:</p>
<pre><code> cat /var/lib/tor/hidden_service/hostname</code></pre>
<h2>Adding the Nginx Config</h2>
<p>
From here, the steps are almost identical to setting up a normal website configuration file.
Follow the steps as if you were making a new website in the webserver
<a href="nginx.html">tutorial</a> up until the server block of code. Instead, paste this:
</p>
<pre><code> server {
listen 127.0.0.1:80 ;
root /var/www/<strong>landchad</strong> ;
index index.html ;
server_name <strong>your-onion-address</strong>.onion ;
}</code></pre>
<aside>
<h4>Clarification</h4>
<p>Nginx will listen on port 80 for your <em>server's</em> localhost.</p>
<p>The <code>root</code> line is the path to whichever website of yours you'd like to mirror.</p>
</aside>
<p>
Now we are almost done, all we have to do is enable the site and reload nginx which, is also covered in <a href="nginx.html#enable">the webserver tutorial</a>.
</p>
<h3>Advertise your onion service</h3>
<p>You can add the Onion-Location header to your normal website to advertise your onion service to Tor users. On your regular site's nginx config, add the following line:</p>
<pre><code>server {
...
add_header Onion-Location http://<strong>your-onion-address</strong>.onion$request_uri;
}</code></pre>
<p>After doing this and reloading nginx, when visiting your regular site via Tor, you should see a ".onion available" button on the address bar, which should take you to the onion service.</p>
<h3>Update regularly!</h3>
<p>Make sure to update Tor on a regular basis by running:</p>
<pre><code>apt update
apt install tor</code></pre>
<h4>Note:</h4>
<p>You do <u>not</u> need to run certbot for an ssl certificate. HTTP over tor is plenty secure!</p>
<p><strong>Contributor</strong> - <a href="https://tomfasano.co" target="_blank">tomfasano.co</a></p>
</main>
<!--# include file=".footer.html" -->
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink